2 matches found
CVE-2019-8939
data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a crafted Plex username that is mishandled when constructing the History page...
CVE-2019-8939
Tautulli 2.1.26 is affected by a reflected XSS in data/interfaces/default/history.html when a crafted Plex username is mishandled during History page construction. The vulnerability could allow JavaScript execution in the context of the Plex server administrator if a user’s username contains inje...